It’s a new year, and with a new year come new security challenges and new takes on old favorites. While phishing, social engineering, and state-sponsored attacks are still significant issues, new machine learning innovations support better security efforts. But emerging attack vectors like IoT objects are shifting the cybersecurity battleground into new and unknown territory.
Here are some of the top trends we see down the road in 2022.
Artificial Intelligence and Automation for Preventative Security
Cybersecurity is complex, involving a series of ever-evolving threats attacking nearly any potential vulnerability as soon as they arise. Furthermore, these attacks aren’t limiting themselves to targeting enterprises or large agencies. Small- and mid-sized businesses are equally liable to be in the cross-hairs of a cyber attack. According to a report from Ponemon Institute, 66% of companies reported experiencing cyber attacks, and 69% said that these attacks are becoming more targeted.
Meanwhile, the vectors through which these attacks occur are wide-ranging. 57% reported facing phishing or social engineering attacks, while 30% stated they suffered from credential theft.
To catch these myriad threats, defenders must pay attention to suspect behavior alongside more traditional mitigation approaches. AI and machine learning are much better suited to such tasks, finding patterns in unstructured data much faster and much more accurately than most human security experts. This AI can provide experts with the information to fashion preventive and mitigation strategies.
While AI can support cybersecurity professionals, it isn’t replacing them just yet. Machine learning can be predictable, especially in dynamic areas like cybersecurity, and machines will still need the flexible expertise of human security professionals to drive them.
Development and Expansion of State-Sponsored Advanced Persistent Threats (APTs)
Advanced Persistent Threats, or APTs, are the most challenging threats that IT systems and experts face. APTs are characterized by advanced intelligence gathering and attack vectors, strategic infiltration and persistence into IT systems, and their threat to modern IT.
These attacks often take advantage of the interconnected nature of modern IT. Some of the most significant current attacks have leveraged APTs attacking the distributed digital infrastructure of the United States.
Some of the more notable examples of this kind of attack include the following:
- The Lazarus Group: This North Korean group is a well-known hacker collective tied to the North Korea Reconnaissance General Bureau and gained notoriety for a retaliatory hack against Sony in 2014 in response to a movie they say portrayed Kim Jong-Un negatively.
- Fancy Bear: This Russian hacker group with ties to Russian Intelligence made history when they launched several attacks to steal information from the Clinton campaign in 2016.
- Cozy Bear: This group, also known as NOBELIUM, Office Monkeys or The Dukes, is another Russian hacker group generally considered the force behind the SolarWinds hack.
- Ocean Lotus: A Vietnamese group, Ocean Lotus has relied on malware and zero-day exploits to compromise enterprise systems. Their primary attack to date was the 2019 Toyota data breach.
As you may note, these APT groups are primarily operated in foreign countries, often in conjunction with (or with at least implicit consent of) foreign national organizations for cyber terrorism and sabotage.
Hardening of IoT Edge Networks
The Internet of Things (IoT) is a network of smart equipment, devices and network connections working together to share data, optimize processes and empower collective action. These devices are usually equipped with sensors to gather data and send it back to high-performance cloud servers to process and provide analytics or power artificial intelligence.
These smart devices are everywhere, from healthcare devices to consumer electronics, household appliances to smart cars, manufacturing machines and digital tools. While this offers significant data collection and processing channels, it also provides a significant attack surface for attackers.
Unfortunately, IoT security hasn’t been a priority for many software developers. Furthermore, because these IoT objects are frequently everyday household items, many don’t see how they can be compromised. The problem is that once an IoT device is compromised, a hacker can access the network it is connected to, and every device connected to it.
2022 must be the year that IoT devices are included in modern compliance and security regulations, fully integrated into all enterprise organizations’ risk assessments and security profiles.
Risk Management As a Blueprint for Cybersecurity
Ad hoc cybersecurity is quickly becoming obsolete. While it may be satisfactory for doing business, simply implementing compliance and security requirements from a checklist won’t help address the incredibly challenging security threats attacking IT systems every day.
As a practice of understanding how business goals, IT goals and compliance goals align with existing IT system configurations and security gaps, risk management provides organizations with a way to measure their exposure and make educated decisions about their infrastructure. Unlike compliance checklists or ad hoc implementations, risk-based security provides businesses with a way to comprehensively understand their systems, vulnerabilities, and compliance requirements. Following that, many frameworks, including those like the National Institute of Standards and Technology (NIST) Special Publications 800-53 and SP 800-37, explicitly call for risk-based compliance and security as a comprehensive approach to the problem.
No More Free Rides: Strict Compliance Coming Down the Pipeline
With the President’s Executive Order 14028, “Improving the Nation’s Cybersecurity,” government agencies, defense agencies and contractors are expecting a major tightening of regulations around cyberattacks.
Some of the major requirements emerging from this EO include implementing zero-trust architectures, categorizing critical software, and strengthening supply chain security. As of January 2022, government agencies like the National Security Agency (NSA), the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA) and the Director of National Intelligence (DNI) are working on classifying systems and testing security measures based on NIST guidelines.
By February 2022, NIST will issue new guidelines for enhanced supply chain security, with more fleshed-out policies arriving in May 2022.
Evolving Security and Compliance for Evolving Threats
With the increased use of online systems, massively integrated and managed services like cloud computing and applications, and the shift to at-home work and a distributed workforce, cyber threats are set to increase exponentially in 2022. Moreover, their sophistication and approaches will also evolve.
Modern mitigation efforts are moving fast to meet these challenges, and any organization needs to understand the potential battlegrounds and stakeholders involved.